HP X Unified Security Platform manual 70

STEP 1

STEP 2

STEP 3

CAUTION Remote syslog, in adherence to RFC 3164, sends clear text log messages using the UDP protocol with no additional security protections. Therefore, you should only use remote syslog on a secure, trusted network to prevent syslog messages from being intercepted, altered, or spoofed by a third party.

From the LSM menu, select IPS > Action Sets. Then, on the Action Sets page, click the Notification Contacts tab.

On the Notification Contacts page in the Contacts List, click the Remote System Log link.

On the Edit Notification Contact page, type the IP Address and Port for the host that receives the offloaded log messages.

STEP 5

STEP 6 STEP 7 STEP 8 STEP 9

Select an Alert Facility and a Block Facility: none or select from a range of 0 to 31. These syslog number uses these numbers to identify the message source.

Select a Delimiter for the generated logs: tab, comma, semicolon, or bar. Click Add to table below to add the remote syslog server.

Enter a Remote system log aggregation period in minutes.

Click Save.

STEP 1

STEP 2 STEP 3 STEP 4

STEP 5

From the LSM menu, select IPS > Notification Contacts. Then, click the Notification Contacts tab.

Click the pencil icon next to the Management Console entry. Edit the Contact Name. By default, it is Management Console. Enter the Aggregation Period for notification messages in minutes.

Click Save.

STEP 1

STEP 2

From the LSM menu, select IPS > Action Sets. Then, click the Notification Contacts tab.

On the Notification Contacts page, click the Delete icon to remove the notification contact.